Jump to content


Photo

VPN packet drop issue


  • Please log in to reply
10 replies to this topic

#1 Shakta

Shakta
  • Members
  • 13 posts

Posted 01 February 2019 - 06:08 AM

hi,

we are facing packet drop issue with barracuda ng f380 IPsec vpn other end cisco ASA firewall, when  the load between two different tunnel A and B is high, C tunnel turns to down or packet dropped in it, if there is no load in A and B tunnel C tunnel is working fine.



#2 Stefan Hora

Stefan Hora
  • Barracuda Guru
  • 144 posts

Posted 03 February 2019 - 10:26 AM

Check if there is a VPN Rate Limit set under "Infrastructure Services/General Firewall Configuration/Operational VPN".
If you set that value to 0 then the limit is disabled.

Otherwise you might have a bad internet connection...



#3 Shakta

Shakta
  • Members
  • 13 posts

Posted 04 February 2019 - 04:57 AM

thanks, will check and let you know.



#4 Shakta

Shakta
  • Members
  • 13 posts

Posted 04 February 2019 - 05:54 AM

please let me know, how much limit I have to set instead of 0



#5 Stefan Hora

Stefan Hora
  • Barracuda Guru
  • 144 posts

Posted 04 February 2019 - 06:33 PM

The limit is set by Barracuda depending on the appliance model so that you have enough cpu power left for a full featured (SSL interception, IPS, AV etc.).
If you lock the General Firewall Configuration and then select "copy fromdefault" (Firmware >=7x.) then you get this default.
But if you don't use SSL interception, IPS, AV then you can set it to 0. Then is the hardware the limit.
If you have a limit set and the limit is reached then the VPN pakets above the limit will be dropped. That's why i asked if you have a limit configured.



#6 Shakta

Shakta
  • Members
  • 13 posts

Posted 05 February 2019 - 05:14 AM

ok, but we're facing the packet drop issue with only one site-site tunnel rest tunnels are working fine.



#7 Stefan Hora

Stefan Hora
  • Barracuda Guru
  • 144 posts

Posted 06 February 2019 - 02:43 PM

Then the problem seems to be on the other end if your internet is not saturated.



#8 Shakta

Shakta
  • Members
  • 13 posts

Posted 13 February 2019 - 12:42 AM

hi I checked operational VPN limit set to 750gbps now I've to change this to 0 or not.



#9 Shakta

Shakta
  • Members
  • 13 posts

Posted 15 February 2019 - 05:22 AM

hi,

I changed the operational VPN 0, even though tunnel getting terminated every 10mins, Is there any other solution for this issue.

please let me know.



#10 Stefan Hora

Stefan Hora
  • Barracuda Guru
  • 144 posts

Posted 15 February 2019 - 05:56 AM

Hi,

in that case it is the best to open a barracuda support case and include a system-report incl. box.par File so they can see the logs.



#11 Shakta

Shakta
  • Members
  • 13 posts

Posted 17 February 2019 - 11:44 PM

Hi,

I shared more then 10 log files to barracuda support but still we didn't get any proper responses.

My case ID is 03123913, can you please check with your team, if you need logs and PAR file means I'll share no problem.